Canadian group files privacy complaint against Facebook

Facebook collects sensitive information about its users and shares it without their permission, doesn’t alert users about how their personal information is being shared and doesn’t adequately destroy user data after they deactivate their accounts, a Canadian group said.

In a statement, CIPPIC Director Philippa Lawson called Facebook a “minefield of privacy invasion.”

A group of law school students found 22 violations. They argued, for instance, that Facebook doesn’t make clear to users how their personal information might be used, such as for advertising and for programs created by outside developers, such as horoscope widgets. Facebook also shares unnecessary information with outside developers, giving them access to all of it instead of only the relevant data to make the program work.

Setting up a secure account is cumbersome and complicated, and many of its younger users may not know how, the group added.

Canada, with more than 7 million users, has the third largest Facebook audience.

This isn’t the first time Facebook has come under fire over privacy concerns. Some of the group’s accusations echo past complaints, including how Facebook shares information with advertisers and partners. In March, the Palo Alto startup rolled out new tools that it said would let users have greater control over their privacy, such as letting only certain groups of friends see their photos and other personal information.

In a statement, Facebook said that the group misinterprets Canada’s privacy laws and ignores its privacy policy and architecture.

“We pride ourselves on the industry leading controls we offer users over their personal information,” Facebook said. “We’ve reviewed the complaint and found it has serious factual errors — most notably its neglect of the fact that almost all Facebook data is willingly shared by users.”